 | | | various grievances / nfs / kudzu / nis / kde .. (Shawn) | various grievances / nfs / kudzu / nis / kde .. (Shawn) 2003-04-21 - By Antoine Martin
Back
first, thanks for your reply.
> > * NFS: I can 't seem to find any options for binding nfs to specific
> > ports (-p option), either through the gui or in the scripts, which means
> > that I can 't have nfs for my vpn without unblocking all unprivileged
> > ports.
>
> See "man nfs " for more details, but briefly:
>
> Use port=portnumber as an option to your /etc/fstab
>
> or
>
> Use mountport= for the port# of the mountd port.
>
> Or when specifying options from the command line:
>
> mount -tnfs -oport=port# ....etc
Sorry, but I meant on the server.
The client can use portmap to find out the port numbers and portmap can
be allowed through the firewall as it uses a specific port (111)
But the ports for the various nfs daemons are dynamically allocated by
portmap.
>
> > * Where is the tool for configuring NIS?
>
> System Settings- >Authentication or:
>
> authconfig-gtk
Sorry, I meant on the server side again...
Client-side is there, which is why I am wondering why the server side
isn 't.
>
> > * kudzu:
> > - why is kudzu in /etc/fstab? it is not a filesystem option! It does
> > not belong there!
>
> It does in this case AFAIK, it 's set as owner of the floppy drive due to
> probing I believe.
>From man fstab:
"The fourth field, (fs_mntops), describes the mount options associated
with the filesystem. "
I still don 't see what kudzu could have to do with filesystem mount
options...
>
> > - How can i stop it from probing my serial ports? I have had to simply
> > disable it for now.
>
> Add the '-s ' option for "safe " probing mode, this prevents serial probe,
> ddc monitor probe, and ps/2 probe.
That is good if you want to disable all unsafe probes, but I just want
to be able to say: do not probe ttyS2... but keep probing to see which
monitor is plugged in.
>
> > - How can I stop it to *ever* ask me about my (offline) printer? (keep
> > configuration should just keep it forever and not ask me again - unless
> > I specifically say that I want to - needs doing too)
>
> You 'll have to file a "request for enhancment " on this one, there is no
> "keep " forever AFAIK.
>
> > - Who is going to tell a linux beginner that kudzu is 'hardware
> > detection '? Why not have a more sensible name?
>
> I 'm fairly certain it says hardware detection when it runs kudzu.
Yes it does, but from a user point of view, everything else makes sense
(dhcpd = dhcp daemon and so on)
> > - It simply hangs my via-epia boxes half the time.
>
> File a bug then.
I will do.
>
> > * firewalling: my firewall is on a dynamic IP and requires specific
> > rules. lokkit does not allow you to specify which ports to add (beyond
> > the basics: http/smtp...). So I end up running it from rc.local.
> > Problem is that if my ISP 's dhcp server ever gives me another IP, my
> > script won 't run again. There are /etc/dhcp scripts meant to be run on
> > dhcp lease renewal, but I could never get this to run correctly.
> > Why can 't wget work properly behing a firewall? (wrong port errors)
>
> wget works perfectly behind a firewall, assuming you 've configured it
> properly. I 'm behind one, and it works just fine...
Most of the time.
>
> > * kernel: I can make it oops at will, just by using hdparm to spin down
> > one of the disks (hdparm -Y) then doing something else.
> > redhat kernel is too different from vanilla to be able to compile all
> > sorts of things (macros changed, memcpy and friends)
>
> hdparm is not perfect, and subtle differences in hardware will expose
> problems. File a bug.
>
> > I can 't shutdown cleanly anymore: as soon as I exit X,it clears all my
> > windows, looks like it is going back to the text console, but justs sits
> > there in graphics mode, with the desktop background. Reset is the only
> > way to get it going again. Nothing in XFree log or syslog. (dual athlon
> > system)
>
> This has been fixed in rawhide I believe. Someone else mentioned this
> earlier.
Any idea what needs updating? XFree? (hope it hasn 't got too many deps)
>
> In short, firewalls are not easy to configure, lokkit already states
> that it 's not for advanced configuration, just for "simple "
> configuration, and advanced configurations like yours are definitely not
> the norm.
I am not asking for lokkit to do all the work, I am quite happy with my
firewall script. I just want the ability to hook it up to the system
more cleanly. rc.local isn 't ideal, and iptables save does not work for
dynamic ips.
Antoine
|
|
|